
Security vulnerability in 2.2.x kernel IP masquerading

The IP masquerading implementation in the Linux 2.2.x kernel contains a serious security vulnerability. The relevant kernel code does not check connection state carefully enough. An attacker can rewrite UDP masquerade table entries in the kernel so that the attacker's UDP packets are routed to internal machines.

When an internal IP accesses a DNS server on an external network and the UDP packet it sends passes through the IP masquerading gateway, the kernel adds a table entry to record the connection. For example, for a UDP packet from port 1035 on internal host A to port 53 on external host C, the kernel replaces the packet's source address with the IP of the masquerading gateway (B) and sets the source port to a port allocated on the gateway for this connection. By default the range is port 61000 to port 65096, so in theory the kernel can handle 4096 masqueraded TCP/UDP connections at the same time.

    Host A:1035 -> GW B:63767 -> Host C:53

When the external network sends a UDP packet to the masquerading gateway, Linux IP masquerading decides whether to forward the packet to the internal network based only on the destination port. If the destination port has a matching entry in the table of established masqueraded connections, it updates the remote host IP and port of that entry with the source IP and source port of the packet. An attacker who can work out which gateway port is in use may therefore rewrite the masquerade table with their own IP and port.

The port range the gateway uses for masqueraded connections is normally 61000 to 65096, so an external attacker can easily determine which ports are already in use by a connection. The attacker can send UDP probe packets to these ports on the masquerading gateway and then examine the IP ID of the ICMP reply for each port. Every time a host sends a packet, the IP ID in its TCP/IP stack is incremented by one. The ICMP reply sent back for a port used for IP masquerading will therefore carry the IP ID of the internal host. This ID usually differs greatly from the gateway host's current IP ID, typically by more than 1000.

The following example shows the process of an attack that exploits this weakness:

    Host A is the internal host (192.168.1.100)
    Host B is the masquerading gateway (192.168.1.1 / 10.0.0.1)
    Host C is an external DNS server (10.0.0.25)
    Host X is the external attacker's IP (10.10.187.13)

Before probing, run the command ipchains -L -M -n on the masquerading gateway to show the current masquerade table:

    > UDP 03:39.21 192.168.1.100 10.0.0.25 1035 (63767) -> 53

At the moment there is a connection from port 1035 on 192.168.1.100 to port 53 on 10.0.0.25, and the masquerade port is 63767.

[ Output of tcpdump run on the attacker's machine ]
(To make the problem easier to see, the source port of all probe packets is set to 12345 here.)
[ Our probing starts at port 61000; some of the earlier results are omitted ]

    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63762 unreachable [tos 0xd8] (ttl 245, id 13135)
    10.10.187.13.12345 > 10.0.0.1.63763: udp 0 (DF) [tos 0x18] (ttl 254, id 23069)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63763 unreachable [tos 0xd8] (ttl 245, id 13136)
    10.10.187.13.12345 > 10.0.0.1.63764: udp 0 (DF) [tos 0x18] (ttl 254, id 23070)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63764 unreachable [tos 0xd8] (ttl 245, id 13137)
    10.10.187.13.12345 > 10.0.0.1.63765: udp 0 (DF) [tos 0x18] (ttl 254, id 23071)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63765 unreachable [tos 0xd8] (ttl 245, id 13138)
    10.10.187.13.12345 > 10.0.0.1.63766: udp 0 (DF) [tos 0x18] (ttl 254, id 23074)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63766 unreachable [tos 0xd8] (ttl 245, id 13139)
    10.10.187.13.12345 > 10.0.0.1.63767: udp 0 (DF) [tos 0x18] (ttl 254, id 23083)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63767 unreachable [tos 0xd8] (ttl 244, id 17205)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The ID of the packet above is 17205, which already differs from 13139 by more than 4000. In other words, we have found a masqueraded connection!!!

    10.10.187.13.12345 > 10.0.0.1.63768: udp 0 (DF) [tos 0x18] (ttl 254, id 23084)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63768 unreachable [tos 0xd8] (ttl 245, id 13140)
    10.10.187.13.12345 > 10.0.0.1.63769: udp 0 (DF) [tos 0x18] (ttl 254, id 23088)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63769 unreachable [tos 0xd8] (ttl 245, id 13141)
    10.10.187.13.12345 > 10.0.0.1.63770: udp 0 (DF) [tos 0x18] (ttl 254, id 23090)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63770 unreachable [tos 0xd8] (ttl 245, id 13142)
    10.10.187.13.12345 > 10.0.0.1.63771: udp 0 (DF) [tos 0x18] (ttl 254, id 23091)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63771 unreachable [tos 0xd8] (ttl 245, id 13143)
    10.10.187.13.12345 > 10.0.0.1.63771: udp 0 (DF) [tos 0x18] (ttl 254, id 23092)
    10.0.0.1 > 10.10.187.13: icmp: 10.0.0.1 udp port 63772 unreachable [tos 0xd8] (ttl 245, id 13144)

[ Our probing ends at port 65096; some results are omitted ]

Now check the masquerade table on the gateway again:

    ipchains -L -M -n
    > UDP 04:35.12 192.168.1.100 10.10.187.13 1035 (63767) -> 12345

As you can see, the remote host has now been replaced by the attacker's IP, 10.10.187.13, and the destination port has been replaced by the source port the attacker used for probing, 12345. The attacker can now send UDP data from source port 12345 to port 1035 on the internal host.

<* Source: H D Moore *>

--------------------------------------------------------------------------------

Recommendation: For access to external DNS, one possible solution is to set up a caching name server on the masquerading gateway and then disable masquerading of UDP packets.
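
The inbound lookup described above, reduced to a small model as an added example (it is not kernel source and not part of the original advisory). demasq_loose matches on destination port only and rewrites the peer, as the text describes; demasq_strict is an assumed hardened check that also requires the recorded remote address and port. All struct and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of one UDP masquerade entry (not kernel source). */
struct masq_entry {
    char     in_ip[16];  uint16_t in_port;    /* internal host A */
    uint16_t masq_port;                       /* port allocated on gateway B */
    char     rem_ip[16]; uint16_t rem_port;   /* remote peer (host C) */
};

/* Behaviour the page describes: match on destination port only, then
 * overwrite the remote peer with the packet's source. Returns 1 if forwarded. */
int demasq_loose(struct masq_entry *e, const char *src_ip,
                 uint16_t src_port, uint16_t dst_port)
{
    if (dst_port != e->masq_port)
        return 0;
    snprintf(e->rem_ip, sizeof e->rem_ip, "%s", src_ip);
    e->rem_port = src_port;
    return 1;
}

/* Stricter check (assumed hardening): the source must already be the
 * recorded peer, and inbound traffic never rewrites the entry. */
int demasq_strict(const struct masq_entry *e, const char *src_ip,
                  uint16_t src_port, uint16_t dst_port)
{
    return dst_port == e->masq_port &&
           src_port == e->rem_port &&
           strcmp(src_ip, e->rem_ip) == 0;
}

/* Entry from the page's first ipchains listing: A:1035 (63767) -> C:53. */
struct masq_entry page_entry(void)
{
    struct masq_entry e = { "192.168.1.100", 1035, 63767, "10.0.0.25", 53 };
    return e;
}

int main(void)
{
    struct masq_entry e = page_entry();
    printf("strict, from X: %d\n", demasq_strict(&e, "10.10.187.13", 12345, 63767));
    printf("strict, from C: %d\n", demasq_strict(&e, "10.0.0.25", 53, 63767));
    printf("loose,  from X: %d -> peer now %s:%u\n",
           demasq_loose(&e, "10.10.187.13", 12345, 63767), e.rem_ip, e.rem_port);
    return 0;
}
```

After the loose lookup has accepted the packet from host X, the entry holds 10.10.187.13:12345 as its peer, which is the state shown in the second ipchains listing.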

(Source: http://www.sheup.com)

